[neutron-dynamic-routing] BGPspeaker LOOP

Rodolfo Alonso Hernandez ralonsoh at redhat.com
Tue Nov 22 10:35:41 UTC 2022


Hello Roberto:

I didn't investigate the os-ken code in depth but I don't see how to
configure it not to learn these advertised routes. This is why I was asking
this. If you know how to do this (and that implies not modifying the os-ken
code), perfect. Let me know and I'll help you (if needed) to change the
n-d-r code.

If you need it, ping me in IRC (ralonsoh, #openstack-neutron channel)

Regards.


On Mon, Nov 21, 2022 at 8:49 PM Roberto Bartzen Acosta <
roberto.acosta at luizalabs.com> wrote:

> Hi Rodolfo,
> Are you sure it would be on os-ken?  I believe that the os-ken is a
> multi-purpose driver for BGP (bgpspeaker uses for advertising and
> withdrawal routes). What about other projects that use os-ken and need to
> learn routes?
> Shouldn't bgpspeaker be responsible for programming os-ken to not learn
> routes?
>
> Regards
>
> Em seg., 21 de nov. de 2022 às 13:55, Rodolfo Alonso Hernandez <
> ralonsoh at redhat.com> escreveu:
>
>> Hi Roberto:
>>
>> Please open a launchpad bug documenting this issue in os-ken.
>>
>> Thanks!
>>
>> On Wed, Nov 16, 2022 at 3:41 PM Roberto Bartzen Acosta <
>> roberto.acosta at luizalabs.com> wrote:
>>
>>> Thanks Sean.
>>>
>>>  I believe that the os-ken driver is not coded to honor this premise
>>> because the below function can learn new paths from peer update messages.
>>>
>>> https://opendev.org/openstack/os-ken/src/branch/master/os_ken/services/protocols/bgp/peer.py#L1544
>>>
>>> Em qua., 16 de nov. de 2022 às 09:14, Sean Mooney <smooney at redhat.com>
>>> escreveu:
>>>
>>>> On Wed, 2022-11-16 at 09:05 -0300, Roberto Bartzen Acosta wrote:
>>>> > Sorry for the mistake, I meant, the bgpspeaker should only
>>>> "*advertise*!"
>>>> > and not "learn" the AS_PATHs via BGP.
>>>> yes that used to be the scope of that project to advertise only and not
>>>> learn
>>>> so i would geuss either that has change recently and they broke
>>>> backward compaitbly
>>>> or they have refactord it to use an external bgp speaker like frr and
>>>> it learns by default
>>>>
>>>> i dont really see anything here
>>>> https://github.com/openstack/neutron-dynamic-routing/commits/master
>>>> im not really familar with the internals of the project but i dont see
>>>> any code to learn routs form
>>>>
>>>>
>>>> https://github.com/openstack/neutron-dynamic-routing/blob/master/neutron_dynamic_routing/services/bgp/agent/driver/os_ken/driver.py
>>>>
>>>> it just has code for advertizing and withdrawing routes.
>>>>
>>>>
>>>>
>>>> >
>>>> > Em qua., 16 de nov. de 2022 às 08:57, Sean Mooney <smooney at redhat.com
>>>> >
>>>> > escreveu:
>>>> >
>>>> > > On Wed, 2022-11-16 at 08:43 -0300, Roberto Bartzen Acosta wrote:
>>>> > > > Hey folks,
>>>> > > >
>>>> > > > Please, I have a question here, the bgpspeaker should only
>>>> "learn" and
>>>> > > not
>>>> > > > "advertise" the AS_PATHs via BGP, right?
>>>> > >
>>>> > > its been a while since i looked at it but in the past it did not
>>>> supprot
>>>> > > learning at all
>>>> > >
>>>> > > it just advertised the routes for the neutron netowrks
>>>> > >
>>>> > > >
>>>> > > > In my tests, I can see that it is learning routes from BGP
>>>> neighbors.
>>>> > > This
>>>> > > > behavior can cause an AS_PATH loop because the bgpspeaker learns
>>>> back its
>>>> > > > own advertised routes, and I see a message like this in the logs:
>>>> > > >
>>>> > > > 2022-11-11 19:45:41.967 7220 ERROR bgpspeaker.peer [-] AS_PATH on
>>>> UPDATE
>>>> > > > message has loops. Ignoring this message:
>>>> > > >
>>>> > >
>>>> BGPUpdate(len=91,nlri=[],path_attributes=[BGPPathAttributeMpReachNLRI(afi=2,flags=144,length=46,next_hop='2001:db7:1::1',nlri=[IP6AddrPrefix(addr='2001:db9:1234::',length=64)],safi=1,type=14),
>>>> > > > BGPPathAttributeOrigin(flags=64,length=1,type=1,value=0),
>>>> > > > BGPPathAttributeAsPath(flags=80,length=10,type=2,value=[[65001,
>>>> > > >
>>>> > >
>>>> 65000]])],total_path_attribute_len=68,type=2,withdrawn_routes=[],withdrawn_routes_len=0)
>>>> > > >
>>>> > > > This can be fixed by suppressing the neighbor route advertisement
>>>> (using
>>>> > > > route-map export), but have I misunderstood how
>>>> neutron-dymanic-routing
>>>> > > > works or do we have a possible bug here?
>>>> > > >
>>>> > > > Regards
>>>> > > >
>>>> > >
>>>> > >
>>>> >
>>>>
>>>>
>>>
>>> *‘Esta mensagem é direcionada apenas para os endereços constantes no
>>> cabeçalho inicial. Se você não está listado nos endereços constantes no
>>> cabeçalho, pedimos-lhe que desconsidere completamente o conteúdo dessa
>>> mensagem e cuja cópia, encaminhamento e/ou execução das ações citadas estão
>>> imediatamente anuladas e proibidas’.*
>>>
>>>  *‘Apesar do Magazine Luiza tomar todas as precauções razoáveis para
>>> assegurar que nenhum vírus esteja presente nesse e-mail, a empresa não
>>> poderá aceitar a responsabilidade por quaisquer perdas ou danos causados
>>> por esse e-mail ou por seus anexos’.*
>>>
>>
>
> *‘Esta mensagem é direcionada apenas para os endereços constantes no
> cabeçalho inicial. Se você não está listado nos endereços constantes no
> cabeçalho, pedimos-lhe que desconsidere completamente o conteúdo dessa
> mensagem e cuja cópia, encaminhamento e/ou execução das ações citadas estão
> imediatamente anuladas e proibidas’.*
>
>  *‘Apesar do Magazine Luiza tomar todas as precauções razoáveis para
> assegurar que nenhum vírus esteja presente nesse e-mail, a empresa não
> poderá aceitar a responsabilidade por quaisquer perdas ou danos causados
> por esse e-mail ou por seus anexos’.*
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.openstack.org/pipermail/openstack-discuss/attachments/20221122/6292fe4f/attachment-0001.htm>


More information about the openstack-discuss mailing list